New Android ransomware: Pay $500 or face factory reset

[Xenocity]

http://arstechnica.com/security/201...ocks-out-victims-by-changing-lock-screen-pin/

Dubbed Android/Lockerpin.A, the app first tricks inexperienced users into granting it device administrator privileges. To achieve this, it overlays a bogus patch installation window on top of an activation notice. When targets click on the continue button, they really grant the malicious app elevated rights that allow it to make changes to the Android settings. From there, Lockerpin sets or resets the PIN that unlocks the screen lock, effectively requiring users to perform a factory reset to regain control over the device. By contrast, earlier forms of Android ransomware generally were thwarted, usually by deactivating administrator privileges and then uninstalling the app after the infected device is booted into safe mode.

"After clicking on the button, the user's device is doomed," Lukas Stefanko, a researcher with antivirus provider Eset, wrote in a blog post published Thursday. "The trojan app has obtained administrator rights silently and now can lock [the] device

It's not on the Google Play Store yet...
You're forced to pay $500 or face a forced factory reset.

 

[plaidInBlue]

If it's related to stagefright, I guess they don't need it to be on Play Store for it to "work".
How to do a factory reset for such devices? OK I found it. As I expected, it's not standadized.

 

[King_Oni]

"the app first tricks inexperienced users into granting it device administrator privileges"

So; if I'm reading this correctly, people who have no clue what they're doing and why they would need admin privileges on their phone, install these things and then complain of being locked out?

Yes, it's malicious software like this, but I question the people affected by this at large. Sounds like something my dad would end up with, but then again, he doesn't even know what admin privileges are, but he'll install whatever "looks fun" to tinker with; and thus I can't ever feel sorry if his phone is defective.

 

[Xenocity]

"the app first tricks inexperienced users into granting it device administrator privileges"

So; if I'm reading this correctly, people who have no clue what they're doing and why they would need admin privileges on their phone, install these things and then complain of being locked out?

Yes, it's malicious software like this, but I question the people affected by this at large. Sounds like something my dad would end up with, but then again, he doesn't even know what admin privileges are, but he'll install whatever "looks fun" to tinker with; and thus I can't ever feel sorry if his phone is defective.

Most users lack a full understanding of software and hardware.
They will grant administrator privileges if asked.

Even full on power users aren't immune to installing malware, viruses, being hacked and ransomware.
At the rate everything moves, it isn't easy to stay on equal footing with those who wish to do something.

This is literally why I refuse to take my Windows partition (same now with Windows 10) online for the most part and refuse for the most part to download directly to it (I Download everything to my OS X side).

So far it has been virus free!

On the hand my OS X (main OS) side has remained malware and virus free all these years.
I'm glad that Apple gives all the security options, including a decent firewall.
I keep Gatekeeper on turned on, so OS X won't run any unsigned code with out admin approval.
I also love using iOS due to all the built in security (most customization isn't worth it to me).

I also have antivirus installed on OS X too (I probably should scan my OS X side)

 

[GoofKing]

How come there isn't any ransomware for the Linux platform yet ? I know there's the fake browser-based ones that use a JavaScript loop which makes sure the user can't close their browser but is there no ransomware for Linux just because Window's the preferred target ?

Another question, what is so bad about resetting the device back to factory settings ? Isn't that just a mild annoyance ? It's not like it erases everything on the phone or device right ?

 

[wyverary]

Re: the Mac malware thing, they're not immune -http://www.foxnews.com/tech/2015/11/04/5-times-as-much-mac-malware-this-year.html
But the good news is, OS X El Capitan's rootless feature, tasteless as it may sound, is actually an excellent protection against malware (based on my reading), as long as you exercise basic common sense...and while you can over-ride it, there is almost no reason to do so. And MalwareBytes, one of the better anti-malware scanners for Windows machines, recently bought out AdwareMedic, and while I've never encountered malware myself, my IT instructor has said it has helped clean up his kid's own MacBook (and we all know how careful teenagers are on the Internet...).

If you're running Windows, CrytpoPrevent is a good thing to have. There is also this... https://thehackernews.com/2015/10/ransomware-decryption-tool.html

As for Android...
Well, I am not an "Apple Freak" by any means, but there is no doubt that droids are FAR more susceptible to malware than Apple iOS devices, for a number of reasons. You just have to be scrupulous as far as the apps you download and how you use the device. Again, common sense, which I think most people are capable of. (and fwiw...if you jailbreak your iPhone, you are a fool. Don't get me started.)

Linux? Don't worry...it's coming. Stay vigilant, keep your code up to date, keep up with the news. You'll be ok.